Page 1 of 2

Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 09:07
by nixevo6
Hello. CounterSPY found Trojan.Win32.Generic!BT on my machine and I can't remove it. My CPU is constantly running at 100%. Please help. Thanks.

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 10:11
by vyosek
Hello :)

- Read the forum rules and important info: http://forum.viry.cz/viewforum.php?f=12

- Post a log from RSIT

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 11:48
by nixevo6
Logfile of random's system information tool 1.09 (written by random/random)
Run by nixevo at 2012-10-12 12:40:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 107 GB (45%) free of 238 GB
Total RAM: 4004 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:03, on 12. 10. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\nixevo\AppData\Local\Temp\jikcifrvm.exe
C:\Users\nixevo\AppData\Local\Temp\vxklmlepd.exe
C:\Users\nixevo\AppData\Local\Temp\jfblnjvgp.exe
C:\Users\nixevo\AppData\Local\Temp\vjvovguvd.exe
C:\Users\nixevo\AppData\Local\Temp\lqplqnxiy.exe
C:\Users\nixevo\AppData\Local\Temp\kqxcjbwml.exe
C:\Users\nixevo\AppData\Local\Temp\qorrjtctv.exe
C:\Users\nixevo\AppData\Local\Temp\uyqcpshgm.exe
C:\Users\nixevo\AppData\Local\Temp\euahoqydt.exe
C:\Users\nixevo\AppData\Local\Temp\olamaeacl.exe
C:\Users\nixevo\AppData\Local\Temp\rbfskuypr.exe
C:\Users\nixevo\AppData\Local\Temp\upqlifips.exe
C:\Users\nixevo\AppData\Local\Temp\gtifwohhd.exe
C:\Users\nixevo\AppData\Local\Temp\vruulhann.exe
C:\Users\nixevo\AppData\Local\Temp\dwfujkjji.exe
C:\Users\nixevo\AppData\Local\Temp\gqkcjicxl.exe
C:\Users\nixevo\AppData\Local\Temp\ktomfxovs.exe
C:\Users\nixevo\AppData\Local\Temp\qpavmpwod.exe
C:\Users\nixevo\AppData\Local\Temp\ttkmyykbq.exe
C:\Users\nixevo\AppData\Local\Temp\enriasfqi.exe
C:\Users\nixevo\AppData\Local\Temp\wsouoepxl.exe
C:\Users\nixevo\AppData\Local\Temp\ydfihgbpv.exe
C:\Users\nixevo\AppData\Local\Temp\pcrvyodhm.exe
C:\Users\nixevo\AppData\Local\Temp\sjljiaxvd.exe
C:\Users\nixevo\AppData\Local\Temp\plksawrwc.exe
C:\Users\nixevo\AppData\Local\Temp\kbyykvbpc.exe
C:\Users\nixevo\AppData\Local\Temp\yehfmaqvl.exe
C:\Users\nixevo\AppData\Local\Temp\cllstxsuq.exe
C:\Users\nixevo\AppData\Local\Temp\bnjtpuxfv.exe
C:\Users\nixevo\AppData\Local\Temp\yknsjouix.exe
C:\Users\nixevo\AppData\Local\Temp\dvvdfxnhm.exe
C:\Users\nixevo\AppData\Local\Temp\ximwnggte.exe
C:\Users\nixevo\AppData\Local\Temp\kbswdovle.exe
C:\Users\nixevo\AppData\Local\Temp\vvvkucybx.exe
C:\Users\nixevo\AppData\Local\Temp\wwivjfiip.exe
C:\Users\nixevo\AppData\Local\Temp\plpbqduyx.exe
C:\Users\nixevo\AppData\Local\Temp\qhuxyrevr.exe
C:\Users\nixevo\AppData\Local\Temp\sgryndthv.exe
C:\Users\nixevo\AppData\Local\Temp\wmqbbgcpy.exe
C:\Users\nixevo\AppData\Local\Temp\tbugmhpog.exe
C:\Users\nixevo\AppData\Local\Temp\fxenvlnhe.exe
C:\Users\nixevo\AppData\Local\Temp\mutvdjsxs.exe
C:\Users\nixevo\AppData\Local\Temp\cauiubigh.exe
C:\Users\nixevo\AppData\Local\Temp\knsytbakt.exe
C:\Users\nixevo\AppData\Local\Temp\sbrprbspg.exe
C:\Users\nixevo\AppData\Local\Temp\weufiohvq.exe
C:\Users\nixevo\AppData\Local\Temp\vdjvncobc.exe
C:\Users\nixevo\AppData\Local\Temp\vonpxtrln.exe
C:\Users\nixevo\AppData\Local\Temp\btpdohfce.exe
C:\Users\nixevo\AppData\Local\Temp\fyrruubrk.exe
C:\Users\nixevo\AppData\Local\Temp\puwbthdus.exe
C:\Users\nixevo\AppData\Local\Temp\dcbulpian.exe
C:\Users\nixevo\AppData\Local\Temp\fhtrjvjsi.exe
C:\Users\nixevo\AppData\Local\Temp\xvlqwcajj.exe
C:\Users\nixevo\AppData\Local\Temp\rjdqkhqak.exe
C:\Users\nixevo\AppData\Local\Temp\jwutntqpi.exe
C:\Users\nixevo\AppData\Local\Temp\pexqekvhd.exe
C:\Users\nixevo\AppData\Local\Temp\vwybdihfl.exe
C:\Users\nixevo\AppData\Local\Temp\lmshnvmln.exe
C:\Users\nixevo\AppData\Local\Temp\rjdokxgbe.exe
C:\Users\nixevo\AppData\Local\Temp\swiowdwsw.exe
C:\Users\nixevo\AppData\Local\Temp\nbvrqhiin.exe
C:\Users\nixevo\AppData\Local\Temp\mykqgvwyc.exe
C:\Users\nixevo\AppData\Local\Temp\wnxnhsvqc.exe
C:\Users\nixevo\AppData\Local\Temp\mvnfotjpd.exe
C:\Users\nixevo\AppData\Local\Temp\jaipuhdcr.exe
C:\Users\nixevo\AppData\Local\Temp\crqtjfqup.exe
C:\Users\nixevo\AppData\Local\Temp\wnqexjdvr.exe
C:\Users\nixevo\AppData\Local\Temp\ckhlirwom.exe
C:\Users\nixevo\AppData\Local\Temp\wevswanui.exe
C:\Users\nixevo\AppData\Local\Temp\cdggdfekf.exe
C:\Users\nixevo\AppData\Local\Temp\kluawobgm.exe
C:\Users\nixevo\AppData\Local\Temp\xteuugtmn.exe
C:\Users\nixevo\AppData\Local\Temp\yyyjlciai.exe
C:\Users\nixevo\AppData\Local\Temp\epaovdrid.exe
C:\Users\nixevo\AppData\Local\Temp\cojfnqqnp.exe
C:\Users\nixevo\AppData\Local\Temp\decubruta.exe
C:\Users\nixevo\AppData\Local\Temp\jiosusuie.exe
C:\Users\nixevo\AppData\Local\Temp\sxwisgfbv.exe
C:\Users\nixevo\AppData\Local\Temp\uneodktjo.exe
C:\Users\nixevo\AppData\Local\Temp\cnvgyckdu.exe
C:\Users\nixevo\AppData\Local\Temp\cjhjbxrsb.exe
C:\Users\nixevo\AppData\Local\Temp\bjmihmyih.exe
C:\Users\nixevo\AppData\Local\Temp\fhejoavax.exe
C:\Users\nixevo\AppData\Local\Temp\qonjbefvk.exe
C:\Users\nixevo\AppData\Local\Temp\grflweout.exe
C:\Users\nixevo\AppData\Local\Temp\aymapsjky.exe
C:\Users\nixevo\AppData\Local\Temp\cruansntp.exe
C:\Users\nixevo\AppData\Local\Temp\pxfqxgbfl.exe
C:\Users\nixevo\AppData\Local\Temp\rmhlvnmwy.exe
C:\Users\nixevo\AppData\Local\Temp\yhavtedbv.exe
C:\Users\nixevo\AppData\Local\Temp\ejufkkstp.exe
C:\Users\nixevo\AppData\Local\Temp\yxpuglxaa.exe
C:\Users\nixevo\AppData\Local\Temp\glultlvfm.exe
C:\Users\nixevo\AppData\Local\Temp\mipedagfx.exe
C:\Users\nixevo\AppData\Local\Temp\dkhylchfh.exe
C:\Users\nixevo\AppData\Local\Temp\fgdvbjgbp.exe
C:\Users\nixevo\AppData\Local\Temp\ueknbocsx.exe
C:\Users\nixevo\AppData\Local\Temp\ctvtlrptc.exe
C:\Users\nixevo\AppData\Local\Temp\cknykqjjw.exe
C:\Users\nixevo\AppData\Local\Temp\kfbcyuiya.exe
C:\Users\nixevo\AppData\Local\Temp\vrvoifumq.exe
C:\Users\nixevo\AppData\Local\Temp\ufofqesrd.exe
C:\Users\nixevo\AppData\Local\Temp\ahvuysdxm.exe
C:\Users\nixevo\AppData\Local\Temp\fhdlxgrdy.exe
C:\Users\nixevo\AppData\Local\Temp\yggtecxbg.exe
C:\Users\nixevo\AppData\Local\Temp\qlyhupkrl.exe
C:\Users\nixevo\AppData\Local\Temp\bljykgkwx.exe
C:\Users\nixevo\AppData\Local\Temp\ecxmresjo.exe
C:\Users\nixevo\AppData\Local\Temp\ccgdjrqoa.exe
C:\Users\nixevo\AppData\Local\Temp\uuwgmlxrc.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Temp\ihvtjsghu.exe
C:\Users\nixevo\AppData\Local\Temp\brvguaayj.exe
C:\Program Files\trend micro\nixevo.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Temp\fkttnpuox.exe
C:\Users\nixevo\AppData\Local\Temp\uevsbiuno.exe
C:\Users\nixevo\AppData\Local\Temp\dmview.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: KMPlayer Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ConduitHelper] "C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SBRegRebootCleaner] C:\Program Files (x86)\Sunbelt Software\CounterSpy\SBRC.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [stplpfhevfcucfammws] C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\nixevo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AdobeUpdate] wscript "C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat"
O4 - HKCU\..\Run: [avgnamsmufpnmtlqopn] C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe
O4 - HKCU\..\Run: [Activex Application Updater] C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Toshiba Places Icon Utility.lnk = ?
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pridať do TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~4\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 25157 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24451712
\??\C:\Windows\system32\conhost.exe "681619178-3199717631936575911789325647-537485484-1029665895-1168546484-1838625481
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Windows\system32\schtasks.exe" /create /tn "Browser Manager" /ru "SYSTEM" /sc minute /mo 1 /tr "C:\Windows\system32\sc.exe start Browser Manager" /st 00:00:00
\??\C:\Windows\system32\conhost.exe "1996676883-1136261788-4504715381287026887-47357404576230883141888770694488954
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe" /PROTECT
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
WLIDSvcM.exe 2800
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {DBFC1C1E-8267-4F12-A63D-0A5338345C49}
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1818042830-78758634-722423068-5678335771514475061-162758782-5481067-284775196
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2162814611011367760-156374775210431049399683612181148659558-9221891591194500271
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-95412725-7177745351672889570-1823959477-670613937-1886711442881080559-920856105
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-936580857-181917395891043554-15311584661170393284116146302010674549512135323325
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1501794165-1010904058-102566118-644094105-1405667566618707162-1708283-1537123604
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-5870076881295987143-2042687069787062949141465965-913893285-131282883-1405545084
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1255461179-1148711275-641974926169072660285065278919086152653904624401225085472
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1678195916-1815139175-371318676569637415645817880841504633-2070074748-1844093162
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1009380413-10704686015752239531828430870-9412264019298015066184961671284207252
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-333659501-3712521751681143423-18313296391850530710-848372256-859701378-755522878
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "3358100831533318157-11072863751170603011316446451-2062573516-919464951-2137045043
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-639442992-16068614881582038162181793807514331056017713439132019267310-1507000944
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "13412110091344805716-3554912785943764003614928811182733887-76038911-597992914
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1480495741-576440622951284301183326391-19969148421221374626-1014679443-342471309
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "174162177718281856022049567878-845511276-1270178643-52031537-173510573835036125
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-886203838-885109029-405466570-732069454-89332689416135756211047317794-943240493
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1215914682942448381-933886428-442783744-363814409-2066754783-1317867782-250938359
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-17550609851508585693-1323973367-5356712912986870487701821401859510384-365165640
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-980883756-727491062-2040096222-485300929-1563673617-629375132-12428432521081461177
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "12063261492120180903414222764981452798-276716642-138023257-191841739722242062
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-2081492463-1251092486-711425151-379748379-20568241-8115854691271163146-993913859
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "17608814611977224612034252261-953581051584689784-317394333-2648870591682696035
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1120829809-1611397841-105948137110603075051024465210-78251011615499200072057326253
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-15882573287443681701352904976-247317873-750595858-428608309-20560175791793676265
"taskhost.exe"
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1175831330-2113322399338144051840984778-470160539193399381249334096-1773972451
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1389303164754797166-1097822281915217787-131685793-1233719653398139492124859847
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "240857882-1196509766-4725956341347230446662656697-3804141941556316462-590555251
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "164929648610603695411438644202731699091-155755459-1069924764-1478625836-1122498564
"C:\Windows\system32\wuauclt.exe"
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "12761850309134034881860100010618317986153361241258720019-212166268-1904503727
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1082828502-210827909132308712528797366090737393-65986071707781930643246378
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-18766518131255963255567676022234502797-1094258866-14483894571413849850977465919
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "788897402-43201266274440067-805681876-5806068897976362522024273928-1499137482
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "436861885278029731870829408343890316-6243159461195978046-21244504101857641538
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-858958924808250414-118845105712033186381816417650-17038796641461610935-1926629503
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-809116341-854587689-2139048591654449868-574678395-383883252-757439042-1631095032
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1253076112-88575129-1989726902-32430376811026481131045953037951559868901280190
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-532619832-17674035591272340521-2035003285-60295886-1959694203-1820112602524405544
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-342811106-670414281-17287029311443465634-5903038551610793411-7451616121065072425
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1525409521-630351880-870642979-2027391246-1604391347-180279294412667898401396811146
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-5830995271298751987-1873693856154450339821019887671276113819-16794718581193541280
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-719269208-16595883567374370211920004986-971189421-200963058-866830393-1945878631
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1020992649-881965226-1087961648-138322340507540310168305515096789288035622830
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-4826531551442263794177751227661754410-724658551-341336198-120336021-474377625
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "9043244921995171814497357563-1906900333146800430-575721462254016484-1250942478
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-435021223-6943536791674238198-7671109651809021591599116281-2705176371562554001
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "9943181161721463359-1295045778880713975-11940058507408442491056671772017398683
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-7259707711758549332-262950237-249932839-1117417833-453988253-1186469422-42077835
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2012500423-376569710-79040561-4919517941302570271-1572886146-558785386-1118281737
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "5793643891900879137747790741326839971375582011388693176204218262-1161542052
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "5505941288853463141145749321-8765764141379725406-8226673011753602633-1058663565
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "16438013781390745967-636552438213769257019649301-9728048815768114811136297721
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-9296557904551271711976936657-736393159-14051680-270979965-255893207-528318833
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "7539822041969841153824126034-1589085953599135053393870267-5764120111949918363
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2117648961-663133261574796502-688685476527070910122230110011016949552012182312
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1002714006112468633201632604-394227781205209990-1516475105-69862321646044459
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-293810532-10093173141419423377-40065662196104852655678315-996112893-1122177860
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-117562439313347546246379933081039997025-1053936660-253025387-17783774451232341970
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-806011349-42929736-1442175982083749654149356364-882228355-7822276081815944353
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-2091182767666898619-1279098693-348256770-1395713090-1839006114-345101652-256298436
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "944548904905241788-15929514801792639489574765124-2602925559524574841827515210
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "515394198-250810720115194362916522071331356433339-1814902506-925435173-1053332207
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1004081552165324052395696854220916157161200530596-68448413918062566181240482386
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1230466476-679439532-566249262115553264645375510-2045185906-13519860731299359496
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "40402514551139433-1422301360-843674891-385755464-302524231991882465717869200
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1109598671843555402-1789781025-9171535001218177708-336242529834070877-1560915954
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-429067788-341745567-312405987-201278361217560272816587354721710817781939599340
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-381586035-1318757662553187747-9214244121333467225-658277340-20396097001052713965
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "15767530292013009939-129442162-1277981929-262823389-10857571096605858431792163393
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-11887688921823320577-1585805203142648391-200602231225573739319882054-211187408
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1416998834-51384906244153868216890356625262889298678336-1740164461210486649
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-112002066-20909629053691527243450072438386442361661185521-507962663-645458670
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1536067122-1166920053-1879241438-1661200804720476956-70304682-1169197000-405930497
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-15881622958101537991351726655-1297299540-13259168331227387040-4903174711353282319
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2094219431-657584124-1012622963-21091304061513658066-16234926531705384260-104282243
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "386044679-1217353260-251411544863083557-116945997-228383572-1726497009-2110570079
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-13759128011928833576-1863353373-10056602881558409042215282540-2017701817-36408126
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-88971176-948607984-283916216298100126-924732576-606903284-353203095-133849026
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1003875609-1701251469-48059010117818596613030966162131296404-658971409136707198
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-437475621-1658877784-437474690-8504341671340212481-694292237-145085583299433588
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "8097437081904025648-1594306588-1916405982833912491-1579153339-193243606735292636
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1832473698-1515859336-13727370471618407389-2020777832014789943-389526129-195306467
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1977153090-17574104681502148605-726704738993229809-1489756979-1195666478-1090775325
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "7907514352024356491-1811440459-1555592186-408466670-4062043241419438577414064049
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1747711881-1839089416-150395662-647721011652587270183146466719024081041311907811
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "445073233-196851195-1075806989-1804531089-1504977931105836541316174061645250253
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-40531972459619144827868656-712287058-1301050935839503410-366057463-611639078
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1608432309-38401292-473899597-141592445115459431-59979779522492059278580264
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1592143300-2102874956-263100091-17300683281108901286-2113349375-233513414-226020619
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-15978281461176881491779263082-1674824453383424007-19947276603304325531898708589
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-166071274616584001221410051561843515298-247614264-1440205459-7625891651326458047
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "574003900-1511130328-1300531597-5306937971416538918271747426-1333344962906559507
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1390564773-165430091297946230519381250871040811569948056863-1047733007-1925841690
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1987282120-857544839-597059599148840659718689641561606450167-4035453541961654583
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "9440902481165677860382653344193538905-1436340489-405852936273562725-600864369
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "39992461915498467170081400922443273435640582231364378-405170463-29693492
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "140646852253496324571844446-215747435-971592677-2231339131669437637-766451502
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2032487244-1947241806829563672-423608813-100797208161513199514134213371420119475
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1850176078-3823531262062991907-101909930236183916-976054937549772749-360715794
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "146382021-1875008097-900744517-657642661-1054143-7155914541006597079-2126472133
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-2036495627-19245593161934883497111285158616052405028806962341609530331-272436248
C:\Windows\system32\wbem\wmiprvse.exe
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "496696653-1257311224-1956829040-11729760091536791544-649914402-1759852831-1516665529
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "129865411612623173561555726858-676845363-76748412142400736021946684246420150
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "87081718611890138801330391319633160774-1271537156-1424159881677933932-670735940
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-12488027707276564466812365391916885751567736199-23987721-21016381471014831768
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2093357987-2842214551709357368-1379886441084191409-2066230771-14777624951984005923
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-13966481781144072365-20584593701048342746-14717997-803736193-6287381831422190419
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2672976481174666124444640725-192940380-1258289108882007897746046182-74542885
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-1187175718776790028-315564682969438389-15127540611852707692-20735658091871440184
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "2041436481-748443384-96977110912597563211172222869-2457587191685787862-1092411596
C:\Windows\System32\svchost.exe -k WerSvcGroup
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1704205544-1547606998-195190505271567867-1799553727-1117527434-2006627979-1080259489
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1175134710-373812966-19116415123519780291600404969-18327253661230418946-149776854
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.0.903896651\416657705" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.1.790314900\1022893750" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.2.1501424587\1653425326" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.3.242802638\1453815226" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.4.1779630452\1495243282" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.5.1338405705\1702313109" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6968.6.1796788336\1468534317" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2353 --ignored=" --type=renderer " /prefetch:12
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.7.1988240006\2102269928" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.8.1449952341\576932078" /prefetch:3
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\nixevo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll" --lang=sk --channel="6968.9.1992932313\276865821" /prefetch:4
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-352558439-1509413402-1027574285417827885963020261317370639-1274171602-884511195
"C:\Users\nixevo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "1467336797-15539643761240517403143727640-19051788342262050191092011504-2117635750
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="6968.10.1561289131\408350035" /prefetch:3
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "5760094783001023728275999571716827840-1315111742-42824127212439514831665250129
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
-g yes -o http://eeax_cheap:123456@us2.eclipsemc.com:8337
\??\C:\Windows\system32\conhost.exe "-897287510-525570421-192971536815339017831051498116-3956337051543817137-860481465
"C:\Users\nixevo\AppData\Local\Temp\dmview.exe"
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6968.11.650483784\897940923" --lang=sk --ignored=" --type=renderer " /prefetch:13

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2704147855-1236928014-2423095003-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2704147855-1236928014-2423095003-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}]
DataMngr - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\BROWSE~1.DLL [2012-07-09 103896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-08-30 3223608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}]
DataMngr - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL [2012-07-09 89048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
Wincore Mediabar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll [2011-12-27 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-12-14 1514152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-04 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]
{D4027C7F-154A-4066-A1AD-4243D8127440} - KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-12-14 1514152]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - Wincore Mediabar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll [2011-12-27 87480]
{98889811-442D-49dd-99D7-DC866BE87DBC}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-12-13 597928]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-12-14 38304]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-03-02 566696]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-12-15 973176]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-18 2188904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-03 2679592]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-12-08 710040]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-03-28 150992]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-05 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-05 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-05 418840]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-02-18 845176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-05-31 445624]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2012-09-22 3341464]
"stplpfhevfcucfammws"=C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe [2010-11-21 55632]
"Google Update"=C:\Users\nixevo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-30 116648]
"AdobeUpdate"=wscript C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat []
"avgnamsmufpnmtlqopn"=C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe [2010-11-21 55632]
"Activex Application Updater"=C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe [2012-10-07 9728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-09-05 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"NBAgent"=c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-01-07 1406248]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2010-11-09 532480]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2010-08-16 34160]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2010-11-29 1294712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"ConduitHelper"=C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [2011-08-31 274216]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-12-14 1398440]
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe /PROMPT /CMPID=roc_dec12 []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
"HF_G_Jul"=C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe /DoAction []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SBRegRebootCleaner"=C:\Program Files (x86)\Sunbelt Software\CounterSpy\SBRC.exe []
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-08-30 3904536]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe

C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-05 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\nixevo\AppData\Local\Temp\MUUAAFRU16.exe"="C:\Users\nixevo\AppData\Local\Temp\MUUAAFRU16.exe:*:Enabled:Windows Messanger"
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe"="C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe:*:Enabled:Windows Messanger"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 11:50
by nixevo6
======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-12 12:40:46 ----D---- C:\Program Files\trend micro
2012-10-12 12:40:44 ----D---- C:\rsit
2012-10-12 11:29:16 ----SHD---- C:\Config.Msi
2012-10-12 11:06:21 ----A---- C:\Windows\system32\sdnclean64.exe
2012-10-12 11:06:13 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-10-12 10:34:42 ----D---- C:\Program Files (x86)\Enigma Software Group
2012-10-12 10:33:44 ----D---- C:\Windows\ADAFC0B4FC1545D9BAB3BC7A8829D0C4.TMP
2012-10-10 23:18:08 ----D---- C:\Users\nixevo\AppData\Roaming\Malwarebytes
2012-10-10 23:17:59 ----D---- C:\ProgramData\Malwarebytes
2012-10-10 23:06:57 ----A---- C:\Windows\SYSWOW64\SBRC.dat
2012-10-10 22:02:51 ----D---- C:\Program Files (x86)\Origin Games
2012-10-08 14:44:52 ----A---- C:\Windows\system32\drivers\stflt.sys
2012-10-08 13:09:17 ----D---- C:\Program Files\Enigma Software Group
2012-10-08 13:08:12 ----D---- C:\Windows\8C5C34C7BC6B48318B2C6535FE63E502.TMP
2012-10-08 13:02:10 ----D---- C:\ProgramData\Sunbelt
2012-10-07 22:43:16 ----D---- C:\ProgramData\ESET
2012-10-07 22:43:16 ----D---- C:\Program Files\ESET
2012-10-07 21:49:28 ----A---- C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe
2012-10-04 22:00:15 ----A---- C:\Windows\SYSWOW64\drivers\DrvAgent64.SYS
2012-10-04 21:56:42 ----D---- C:\Windows\Sun
2012-10-04 21:54:53 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-10-04 12:00:05 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-10-04 11:59:43 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-30 15:12:02 ----D---- C:\Users\nixevo\AppData\Roaming\Opera
2012-09-30 15:11:53 ----D---- C:\Program Files (x86)\Opera
2012-09-30 14:05:04 ----D---- C:\Windows\SYSWOW64\drivers\AVG
2012-09-30 00:05:49 ----A---- C:\Windows\system32\aswBoot.exe
2012-09-30 00:05:20 ----D---- C:\ProgramData\AVAST Software
2012-09-30 00:05:20 ----D---- C:\Program Files\AVAST Software
2012-09-28 23:23:30 ----D---- C:\Program Files (x86)\SpyDig
2012-09-28 22:51:26 ----A---- C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe
2012-09-27 21:49:24 ----D---- C:\Program Files (x86)\uTorrent
2012-09-27 21:48:04 ----D---- C:\Windows\SYSWOW64\searchplugins
2012-09-27 21:48:04 ----D---- C:\Windows\SYSWOW64\Extensions
2012-09-27 21:48:02 ----D---- C:\ProgramData\Browser Manager
2012-09-25 23:13:58 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-23 11:14:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-23 11:14:07 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-23 11:14:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-23 11:14:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-23 11:14:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-23 11:14:06 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-23 11:14:06 ----A---- C:\Windows\system32\ieui.dll
2012-09-23 11:14:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-23 11:14:05 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-23 11:14:05 ----A---- C:\Windows\system32\url.dll
2012-09-23 11:14:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-23 11:14:04 ----A---- C:\Windows\system32\urlmon.dll
2012-09-23 11:14:04 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-23 11:14:04 ----A---- C:\Windows\system32\jscript9.dll
2012-09-23 11:14:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-23 11:14:03 ----A---- C:\Windows\system32\wininet.dll
2012-09-23 11:14:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-23 11:14:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-23 11:14:02 ----A---- C:\Windows\system32\vbscript.dll
2012-09-23 11:14:02 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-23 11:14:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-23 11:14:01 ----A---- C:\Windows\system32\jscript.dll
2012-09-23 11:14:01 ----A---- C:\Windows\system32\iertutil.dll
2012-09-23 11:14:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-23 11:14:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-23 11:13:59 ----A---- C:\Windows\system32\mshtml.dll
2012-09-23 11:13:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-23 11:13:58 ----A---- C:\Windows\system32\ieframe.dll
2012-09-13 20:24:08 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-13 20:24:08 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-13 20:24:07 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-13 20:24:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-13 20:24:07 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-13 20:24:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-13 20:24:07 ----A---- C:\Windows\system32\d3d10level9.dll

======List of files/folders modified in the last 1 month======

2012-10-12 12:41:58 ----D---- C:\Windows\Temp
2012-10-12 12:40:46 ----RD---- C:\Program Files
2012-10-12 12:38:26 ----D---- C:\Windows\Microsoft.NET
2012-10-12 11:51:17 ----D---- C:\Windows\system32\config
2012-10-12 11:39:26 ----D---- C:\Windows\system32\catroot
2012-10-12 11:35:55 ----A---- C:\Windows\SYSWOW64\log.txt
2012-10-12 11:34:50 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-10-12 11:33:13 ----D---- C:\Windows\system32\Tasks
2012-10-12 11:32:59 ----RD---- C:\Program Files (x86)
2012-10-12 11:32:59 ----D---- C:\Windows\system32\drivers
2012-10-12 11:29:33 ----SHD---- C:\Windows\Installer
2012-10-12 11:28:17 ----SHD---- C:\System Volume Information
2012-10-12 11:06:31 ----SD---- C:\ProgramData\Microsoft
2012-10-12 11:06:21 ----D---- C:\Windows\System32
2012-10-12 10:44:06 ----D---- C:\Windows\SYSWOW64\drivers
2012-10-12 10:44:04 ----D---- C:\Windows\SysWOW64
2012-10-12 10:33:44 ----D---- C:\Windows
2012-10-12 10:31:34 ----D---- C:\Temp
2012-10-10 23:21:16 ----D---- C:\Windows\inf
2012-10-10 23:17:59 ----HD---- C:\ProgramData
2012-10-10 23:06:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-10 22:49:17 ----D---- C:\Users\nixevo\AppData\Roaming\uTorrent
2012-10-10 22:49:17 ----D---- C:\Users\nixevo\AppData\Roaming\DAEMON Tools Lite
2012-10-10 22:49:06 ----D---- C:\Windows\Logs
2012-10-10 22:49:06 ----D---- C:\Windows\debug
2012-10-09 21:16:58 ----RSD---- C:\Windows\assembly
2012-10-09 21:12:53 ----D---- C:\Windows\SYSWOW64\en-US
2012-10-09 21:12:53 ----D---- C:\Windows\system32\en-US
2012-10-09 21:12:45 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-10-09 21:11:58 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-10-08 14:33:15 ----D---- C:\Windows\system32\catroot2
2012-10-08 13:05:02 ----D---- C:\Users\nixevo\AppData\Roaming\Adobe32
2012-10-07 22:43:50 ----D---- C:\Windows\system32\DriverStore
2012-10-05 10:26:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-10-04 12:00:15 ----D---- C:\Program Files (x86)\Common Files
2012-10-04 11:59:36 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-10-04 11:59:35 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-10-04 11:59:35 ----A---- C:\Windows\SYSWOW64\java.exe
2012-10-04 11:59:35 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-10-04 11:59:33 ----D---- C:\Program Files (x86)\Java
2012-10-02 22:14:40 ----D---- C:\Windows\rescache
2012-09-30 18:38:44 ----D---- C:\Windows\Tasks
2012-09-30 17:39:08 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-09-30 14:16:33 ----D---- C:\Windows\system32\NDF
2012-09-30 14:06:22 ----D---- C:\ProgramData\AVG2012
2012-09-30 14:05:41 ----D---- C:\ProgramData\MFAData
2012-09-30 14:05:04 ----HD---- C:\$AVG
2012-09-30 13:58:47 ----D---- C:\Windows\system32\drivers\AVG
2012-09-29 23:54:41 ----SD---- C:\Users\nixevo\AppData\Roaming\Microsoft
2012-09-28 23:57:45 ----D---- C:\Windows\system32\drivers\etc
2012-09-27 21:48:56 ----A---- C:\user.js
2012-09-27 21:48:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-27 21:47:50 ----D---- C:\Windows\Prefetch
2012-09-27 21:06:45 ----D---- C:\ProgramData\Origin
2012-09-26 03:00:28 ----D---- C:\Windows\winsxs
2012-09-23 11:16:59 ----D---- C:\Windows\SYSWOW64\migration
2012-09-23 11:16:59 ----D---- C:\Windows\system32\migration
2012-09-23 11:16:59 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-23 11:16:58 ----D---- C:\Program Files\Internet Explorer
2012-09-22 10:15:56 ----D---- C:\ProgramData\Sony Ericsson
2012-09-22 10:15:52 ----D---- C:\Program Files (x86)\Sony Ericsson
2012-09-22 09:36:42 ----D---- C:\Program Files (x86)\Origin
2012-09-17 11:35:36 ----D---- C:\Users\nixevo\AppData\Roaming\Origin
2012-09-13 23:32:46 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2010-03-22 46192]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-04 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-12-17 2675712]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2011-05-02 20592]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-05 12262624]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-03 1413680]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-02-23 291120]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 usbbus;LGE CDMA Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE CDMA USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE CDMA USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 xnacc;XBOX 360 Controller For Windows Driver Service; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 Browser Manager;Browser Manager; C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-10 2309656]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2011-01-14 572712]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-08-30 1074720]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-08-30 1358360]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-03-22 166528]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-12-09 489384]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-04 1255736]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 12:14
by vyosek
:arrow: Oh dear, that is the whole zoo, cashier granny included :boxed:

:arrow: Uninstall Spybot - it is long past its prime

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Preferably save it to the desktop
  • If you use Win Vista or W7, right-click AdwCleaner and choose Run As Administrator (Spustit jako správce)
  • Click Delete
  • The PC will perform the repair, restart and give you a log (C:\AdwCleaner [S1].txt); paste its contents here
:arrow: As my colleague says, run SecurityCheck
stell wrote: Download SecurityCheck
Save it to the desktop.
Double-click SecurityCheck.exe and follow the on-screen instructions.
After the scan finishes, Notepad will open automatically with a file named checkup.txt; paste its contents here.
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator (Spustit jako správce)
  • Wait for the PreScan to finish
  • Choose the Scan option (Prohledat)
  • After the scan finishes, click Report (Zpráva); a log will open, paste it here
  • Detailed instructions including screenshots are here http://forum.viry.cz/viewtopic.php?f=24&t=120452

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 12:26
by nixevo6
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2012 01:24:30 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe (PID: 4004) [UP-HEUR]
* C:\Users\nixevo\AppData\Local\Temp\gdcvllbry.exe (PID: 5428) [UP-HEUR]
* C:\Users\nixevo\AppData\Local\Temp\dmview.exe (PID: 5516) [UP-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\nixevo\Desktop\rkill\rkill-10-12-2012-01-24-39.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15279 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/12/2012 01:24:55 PM
Execution time: 0 hours(s), 0 minute(s), and 24 seconds(s)

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 12:33
by nixevo6
# AdwCleaner v2.004 - Logfile created 10/12/2012 at 13:27:09
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : nixevo - NIXEVO
# Boot Mode : Normal
# Running from : C:\Users\nixevo\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Browser Manager

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\Smartdl
Folder Deleted : C:\Program Files (x86)\uTorrentBar
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Users\nixevo\AppData\Local\APN
Folder Deleted : C:\Users\nixevo\AppData\Local\Conduit
Folder Deleted : C:\Users\nixevo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Folder Deleted : C:\Users\nixevo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Folder Deleted : C:\Users\nixevo\AppData\Local\Temp\Software
Folder Deleted : C:\Users\nixevo\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\nixevo\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\nixevo\AppData\LocalLow\bbrs_002.tb
Folder Deleted : C:\Users\nixevo\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\nixevo\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\nixevo\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\nixevo\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\BrowserCompanion
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3452540D-BC3F-445E-B2DC-E0D5C0B0A780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F630768-CB3C-4B98-8F03-67C658910062}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKU\S-1-5-21-2704147855-1236928014-2423095003-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - BrowserMngr Start Page] = hxxp://search.babylon.com/?affID=114733&tt=270912_7a_3912_5&babsrc=HP_ss&mntrId=6c2771d70000000000000aa3c4aaffae --> hxxp://www.google.com
Deleted : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=114733&tt=270912_7a_3912_5&babsrc=NT_ss&mntrId=6c2771d70000000000000aa3c4aaffae --> hxxp://www.google.com

-\\ Google Chrome v22.0.1229.79

File : C:\Users\nixevo\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.48] : search_url = "hxxp://dts.search-results.com/sr?src=crb&appid=20&systemid=2&sr=0&q={searchTerms}",

*************************

AdwCleaner[S1].txt - [13324 octets] - [12/10/2012 13:27:09]

########## EOF - C:\AdwCleaner[S1].txt - [13385 octets] ##########

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 13:06
by nixevo6
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET NOD32 Antivirus 5.2
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Java(TM) 6 Update 20
Java 7 Update 7
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X 10.1.1 Adobe Reader out of Date!
Google Chrome 22.0.1229.79
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus ekrn.exe
windows defender MpCmdRun.exe
TOSHIBA TOSHIBA Online Product Information TOPI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 13:07
by nixevo6
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : nixevo [Práva Správcu]
Režim : Kontrola -- Dátum : 10/12/2012 14:07:04

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : stplpfhevfcucfammws (C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKCU\[...]\Run : AdobeUpdate (wscript "C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat") -> NÁJDENÉ
[RUN][SUSP PATH] HKCU\[...]\Run : avgnamsmufpnmtlqopn (C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKCU\[...]\Run : Activex Application Updater (C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : stplpfhevfcucfammws (C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : AdobeUpdate (wscript "C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat") -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : avgnamsmufpnmtlqopn (C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : Activex Application Updater (C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe) -> NÁJDENÉ
[TASK][SUSP PATH] {097E43F6-F7EA-4C86-8633-29E671BA99C1} : C:\Windows\system32\pcalua.exe -a C:\Users\nixevo\Desktop\[SOFSHARE]Lego.Soccer.Mania\Lego.Soccer.Mania.By.Filiex\RegSetup.exe -d C:\Users\nixevo\Desktop\[SOFSHARE]Lego.Soccer.Mania\Lego.Soccer.Mania.By.Filiex -> NÁJDENÉ
[TASK][SUSP PATH] {66FEE74E-4C78-4A79-B4DE-81146CE63D26} : C:\Windows\system32\pcalua.exe -a "C:\ProgramData\VMware\VMware Workstation\Uninstaller\uninstall.exe" -c -x -S "C:\ProgramData\VMware\VMware Workstation\Uninstaller\" -> NÁJDENÉ
[TASK][SUSP PATH] {69724626-4BFB-4613-8BBE-C2A9FF37F361} : C:\Windows\system32\pcalua.exe -a C:\Users\nixevo\Desktop\LGUSBModemDriver_Eng_WHQL_Ver_4.9.4_All.exe -d C:\Users\nixevo\Desktop -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5076GSXN +++++
--- User ---
[MBR] 8687d4de98ed134ea0de98ff29dcf723
[BSP] 3f91711b9ad5a597ee25e01cec0d5bd0 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238470 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 489207808 | Size: 238069 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1].txt >>
RKreport[1].txt

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 13:27
by vyosek
:arrow: Run RogueKiller again
  • If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator (Spustit jako správce)
  • Choose Scan (Prohledat), then Delete (Smazat) and then Report (Zpráva) - a log will open, paste it here
  • Then click Host Fix (Oprava Host) and Report (Zpráva) - a log will open, paste it here
:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Post a new log from RSIT

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 13:47
by nixevo6
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : nixevo [Práva Správcu]
Režim : Kontrola -- Dátum : 10/12/2012 14:46:47

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : stplpfhevfcucfammws (C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKCU\[...]\Run : AdobeUpdate (wscript "C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat") -> NÁJDENÉ
[RUN][SUSP PATH] HKCU\[...]\Run : avgnamsmufpnmtlqopn (C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKCU\[...]\Run : Activex Application Updater (C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : stplpfhevfcucfammws (C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : AdobeUpdate (wscript "C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat") -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : avgnamsmufpnmtlqopn (C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2704147855-1236928014-2423095003-1000[...]\Run : Activex Application Updater (C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe) -> NÁJDENÉ
[TASK][PREVRUN] {097E43F6-F7EA-4C86-8633-29E671BA99C1} : C:\Windows\system32\pcalua.exe -a C:\Users\nixevo\Desktop\[SOFSHARE]Lego.Soccer.Mania\Lego.Soccer.Mania.By.Filiex\RegSetup.exe -d C:\Users\nixevo\Desktop\[SOFSHARE]Lego.Soccer.Mania\Lego.Soccer.Mania.By.Filiex -> NÁJDENÉ
[TASK][PREVRUN] {1385CA8A-DDD5-48D2-BD97-D75E27E7B334} : C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup -> NÁJDENÉ
[TASK][PREVRUN] {66FEE74E-4C78-4A79-B4DE-81146CE63D26} : C:\Windows\system32\pcalua.exe -a "C:\ProgramData\VMware\VMware Workstation\Uninstaller\uninstall.exe" -c -x -S "C:\ProgramData\VMware\VMware Workstation\Uninstaller\" -> NÁJDENÉ
[TASK][PREVRUN] {69724626-4BFB-4613-8BBE-C2A9FF37F361} : C:\Windows\system32\pcalua.exe -a C:\Users\nixevo\Desktop\LGUSBModemDriver_Eng_WHQL_Ver_4.9.4_All.exe -d C:\Users\nixevo\Desktop -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5076GSXN +++++
--- User ---
[MBR] 8687d4de98ed134ea0de98ff29dcf723
[BSP] 3f91711b9ad5a597ee25e01cec0d5bd0 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238470 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 489207808 | Size: 238069 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1].txt >>
RKreport[1].txt

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 13:53
by nixevo6
Logfile of random's system information tool 1.09 (written by random/random)
Run by nixevo at 2012-10-12 14:52:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 108 GB (45%) free of 238 GB
Total RAM: 4004 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:52:26, on 12. 10. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\nixevo\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\nixevo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL
O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll
O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ConduitHelper] "C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SBRegRebootCleaner] C:\Program Files (x86)\Sunbelt Software\CounterSpy\SBRC.exe
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [stplpfhevfcucfammws] C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\nixevo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AdobeUpdate] wscript "C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs" "C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat"
O4 - HKCU\..\Run: [avgnamsmufpnmtlqopn] C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe
O4 - HKCU\..\Run: [Activex Application Updater] C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Toshiba Places Icon Utility.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pridať do TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~4\Office12\GRA32A~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16218 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 13087808
\??\C:\Windows\system32\conhost.exe "-854850438-1220585141-2120246115837719658-122679876-2078017941-1070923566282178178
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
taskeng.exe {A6796295-9504-4080-A29D-98020341E0D7}
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1432
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\igfxext.exe -Embedding
taskeng.exe {05C478E6-4FBD-405F-A082-C48ED0BC9E72}
"C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Users\nixevo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4944.1.1526591157\2015238634" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2353 --ignored=" --type=renderer " /prefetch:12
"C:\Users\nixevo\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/blacklisted/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/7/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpdyImpact/spdy3/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_07/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warmest_socket/ --renderer-print-preview --disable-accelerated-2d-canvas --channel="4944.2.582463852\953707667" /prefetch:3
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Users\nixevo\Desktop\RSITx64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2704147855-1236928014-2423095003-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2704147855-1236928014-2423095003-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}]
DataMngr - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\BROWSE~1.DLL [2012-07-09 103896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-04 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}]
DataMngr - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL [2012-07-09 89048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
Wincore Mediabar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll [2011-12-27 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-04 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll [2010-10-11 612616]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - Wincore Mediabar - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll [2011-12-27 87480]
{98889811-442D-49dd-99D7-DC866BE87DBC}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-12-13 597928]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-12-14 38304]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-03-02 566696]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-12-15 973176]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-01-18 2188904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-03 2679592]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-12-08 710040]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-03-28 150992]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-05 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-05 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-05 418840]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-02-18 845176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2012-05-31 445624]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2012-09-22 3341464]
"stplpfhevfcucfammws"=C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe [2010-11-21 55632]
"Google Update"=C:\Users\nixevo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-30 116648]
"AdobeUpdate"=wscript C:\Users\nixevo\AppData\Roaming\Adobe32\invis.vbs C:\Users\nixevo\AppData\Roaming\Adobe32\bat.bat []
"avgnamsmufpnmtlqopn"=C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe [2010-11-21 55632]
"Activex Application Updater"=C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe [2012-10-07 9728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-09-05 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"NBAgent"=c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-01-07 1406248]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2010-11-09 532480]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2010-08-16 34160]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2010-11-29 1294712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"ConduitHelper"=C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [2011-08-31 274216]
""= []
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe /PROMPT /CMPID=roc_dec12 []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
"HF_G_Jul"=C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe /DoAction []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SBRegRebootCleaner"=C:\Program Files (x86)\Sunbelt Software\CounterSpy\SBRC.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe

C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-05 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\nixevo\AppData\Local\Temp\MUUAAFRU16.exe"="C:\Users\nixevo\AppData\Local\Temp\MUUAAFRU16.exe:*:Enabled:Windows Messanger"
"C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe"="C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 13:53
by nixevo6
======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-12 13:27:09 ----A---- C:\AdwCleaner[S1].txt
2012-10-12 12:40:46 ----D---- C:\Program Files\trend micro
2012-10-12 12:40:44 ----D---- C:\rsit
2012-10-12 11:29:16 ----SHD---- C:\Config.Msi
2012-10-12 10:34:42 ----D---- C:\Program Files (x86)\Enigma Software Group
2012-10-10 23:18:08 ----D---- C:\Users\nixevo\AppData\Roaming\Malwarebytes
2012-10-10 23:17:59 ----D---- C:\ProgramData\Malwarebytes
2012-10-10 23:06:57 ----A---- C:\Windows\SYSWOW64\SBRC.dat
2012-10-10 22:02:51 ----D---- C:\Program Files (x86)\Origin Games
2012-10-08 14:44:52 ----A---- C:\Windows\system32\drivers\stflt.sys
2012-10-08 13:09:17 ----D---- C:\Program Files\Enigma Software Group
2012-10-08 13:02:10 ----D---- C:\ProgramData\Sunbelt
2012-10-07 22:43:16 ----D---- C:\ProgramData\ESET
2012-10-07 22:43:16 ----D---- C:\Program Files\ESET
2012-10-07 21:49:28 ----A---- C:\Users\nixevo\AppData\Roaming\avgnamsmufpnmtlqopn.exe
2012-10-04 22:00:15 ----A---- C:\Windows\SYSWOW64\drivers\DrvAgent64.SYS
2012-10-04 21:56:42 ----D---- C:\Windows\Sun
2012-10-04 21:54:53 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2012-10-04 12:00:05 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-10-04 11:59:43 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-30 15:12:02 ----D---- C:\Users\nixevo\AppData\Roaming\Opera
2012-09-30 15:11:53 ----D---- C:\Program Files (x86)\Opera
2012-09-30 14:05:04 ----D---- C:\Windows\SYSWOW64\drivers\AVG
2012-09-30 00:05:49 ----A---- C:\Windows\system32\aswBoot.exe
2012-09-30 00:05:20 ----D---- C:\ProgramData\AVAST Software
2012-09-30 00:05:20 ----D---- C:\Program Files\AVAST Software
2012-09-28 23:23:30 ----D---- C:\Program Files (x86)\SpyDig
2012-09-28 22:51:26 ----A---- C:\Users\nixevo\AppData\Roaming\stplpfhevfcucfammws.exe
2012-09-27 21:49:24 ----D---- C:\Program Files (x86)\uTorrent
2012-09-27 21:48:04 ----D---- C:\Windows\SYSWOW64\searchplugins
2012-09-27 21:48:04 ----D---- C:\Windows\SYSWOW64\Extensions
2012-09-27 21:48:02 ----D---- C:\ProgramData\Browser Manager
2012-09-25 23:13:58 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-23 11:14:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-23 11:14:07 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-23 11:14:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-23 11:14:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-23 11:14:06 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-23 11:14:06 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-23 11:14:06 ----A---- C:\Windows\system32\ieui.dll
2012-09-23 11:14:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-23 11:14:05 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-23 11:14:05 ----A---- C:\Windows\system32\url.dll
2012-09-23 11:14:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-23 11:14:04 ----A---- C:\Windows\system32\urlmon.dll
2012-09-23 11:14:04 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-23 11:14:04 ----A---- C:\Windows\system32\jscript9.dll
2012-09-23 11:14:03 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-23 11:14:03 ----A---- C:\Windows\system32\wininet.dll
2012-09-23 11:14:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-23 11:14:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-23 11:14:02 ----A---- C:\Windows\system32\vbscript.dll
2012-09-23 11:14:02 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-23 11:14:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-23 11:14:01 ----A---- C:\Windows\system32\jscript.dll
2012-09-23 11:14:01 ----A---- C:\Windows\system32\iertutil.dll
2012-09-23 11:14:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-23 11:14:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-23 11:13:59 ----A---- C:\Windows\system32\mshtml.dll
2012-09-23 11:13:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-23 11:13:58 ----A---- C:\Windows\system32\ieframe.dll
2012-09-13 20:24:08 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-13 20:24:08 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-13 20:24:07 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-13 20:24:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-13 20:24:07 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-13 20:24:07 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-13 20:24:07 ----A---- C:\Windows\system32\d3d10level9.dll

======List of files/folders modified in the last 1 month======

2012-10-12 14:52:22 ----A---- C:\Windows\SYSWOW64\log.txt
2012-10-12 14:52:10 ----D---- C:\Windows\Temp
2012-10-12 14:50:24 ----D---- C:\Windows\system32\config
2012-10-12 14:48:28 ----D---- C:\Windows
2012-10-12 13:53:53 ----D---- C:\Windows\system32\catroot
2012-10-12 13:53:41 ----D---- C:\Windows\system32\catroot2
2012-10-12 13:53:32 ----D---- C:\Windows\winsxs
2012-10-12 13:27:13 ----SHD---- C:\Windows\Installer
2012-10-12 13:27:13 ----RD---- C:\Program Files (x86)
2012-10-12 13:27:10 ----HD---- C:\ProgramData
2012-10-12 13:22:50 ----D---- C:\Windows\system32\Tasks
2012-10-12 13:18:33 ----D---- C:\Windows\System32
2012-10-12 13:18:32 ----SD---- C:\ProgramData\Microsoft
2012-10-12 13:17:33 ----D---- C:\Windows\inf
2012-10-12 13:17:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-12 12:40:46 ----RD---- C:\Program Files
2012-10-12 12:38:26 ----D---- C:\Windows\Microsoft.NET
2012-10-12 11:34:50 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-10-12 11:32:59 ----D---- C:\Windows\system32\drivers
2012-10-12 11:28:17 ----SHD---- C:\System Volume Information
2012-10-12 10:44:06 ----D---- C:\Windows\SYSWOW64\drivers
2012-10-12 10:44:04 ----D---- C:\Windows\SysWOW64
2012-10-12 10:31:34 ----D---- C:\Temp
2012-10-10 22:49:17 ----D---- C:\Users\nixevo\AppData\Roaming\uTorrent
2012-10-10 22:49:17 ----D---- C:\Users\nixevo\AppData\Roaming\DAEMON Tools Lite
2012-10-10 22:49:06 ----D---- C:\Windows\Logs
2012-10-10 22:49:06 ----D---- C:\Windows\debug
2012-10-09 21:16:58 ----RSD---- C:\Windows\assembly
2012-10-09 21:12:53 ----D---- C:\Windows\SYSWOW64\en-US
2012-10-09 21:12:53 ----D---- C:\Windows\system32\en-US
2012-10-09 21:12:45 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-10-09 21:11:58 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-10-08 13:05:02 ----D---- C:\Users\nixevo\AppData\Roaming\Adobe32
2012-10-07 22:43:50 ----D---- C:\Windows\system32\DriverStore
2012-10-05 10:26:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-10-04 12:00:15 ----D---- C:\Program Files (x86)\Common Files
2012-10-04 11:59:36 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-10-04 11:59:35 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-10-04 11:59:35 ----A---- C:\Windows\SYSWOW64\java.exe
2012-10-04 11:59:35 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-10-04 11:59:33 ----D---- C:\Program Files (x86)\Java
2012-10-02 22:14:40 ----D---- C:\Windows\rescache
2012-09-30 18:38:44 ----D---- C:\Windows\Tasks
2012-09-30 17:39:08 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-09-30 14:16:33 ----D---- C:\Windows\system32\NDF
2012-09-30 14:06:22 ----D---- C:\ProgramData\AVG2012
2012-09-30 14:05:41 ----D---- C:\ProgramData\MFAData
2012-09-30 14:05:04 ----HD---- C:\$AVG
2012-09-30 13:58:47 ----D---- C:\Windows\system32\drivers\AVG
2012-09-29 23:54:41 ----SD---- C:\Users\nixevo\AppData\Roaming\Microsoft
2012-09-28 23:57:45 ----D---- C:\Windows\system32\drivers\etc
2012-09-27 21:48:54 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-27 21:47:50 ----D---- C:\Windows\Prefetch
2012-09-27 21:06:45 ----D---- C:\ProgramData\Origin
2012-09-23 11:16:59 ----D---- C:\Windows\SYSWOW64\migration
2012-09-23 11:16:59 ----D---- C:\Windows\system32\migration
2012-09-23 11:16:59 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-23 11:16:58 ----D---- C:\Program Files\Internet Explorer
2012-09-22 10:15:56 ----D---- C:\ProgramData\Sony Ericsson
2012-09-22 10:15:52 ----D---- C:\Program Files (x86)\Sony Ericsson
2012-09-22 09:36:42 ----D---- C:\Program Files (x86)\Origin
2012-09-17 11:35:36 ----D---- C:\Users\nixevo\AppData\Roaming\Origin
2012-09-13 23:32:46 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2010-03-22 46192]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-06-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-04 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-12-17 2675712]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2011-05-02 20592]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-05 12262624]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-02-03 1413680]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-02-23 291120]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 usbbus;LGE CDMA Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE CDMA USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE CDMA USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 xnacc;XBOX 360 Controller For Windows Driver Service; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2011-01-14 572712]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-12-09 489384]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-04 1255736]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 13:55
by nixevo6
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : nixevo [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 10/12/2012 14:54:53

¤¤¤ Škodlivé procesy : 1 ¤¤¤
[SUSP PATH] spsreng.exe -- C:\Users\nixevo\AppData\Roaming\Microsoft\Windows\Templates\spsreng.exe -> ZASTAVENÉ [TermProc]

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončené : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

Re: Trojan.Win32.Generic!BT

Posted: 12 Oct 2012 15:25
by vyosek
:arrow: Run RKill again

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT CAPACITY TO DELETE AND MUST ONLY BE USED ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to your desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware and the like
  • If you have Win XP, run it under an Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator
  • Immediately after it starts, a page with the licence agreement appears; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the prompts; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily infected it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • Detailed instructions incl. pictures are here http://www.bleepingcomputer.com/combofi ... t-combofix